Kali Linux

- The BackTrack Successor 

On March 13, Kali, a complete rebuild of BackTrack Linux, was released. It is built on Debian and is FHS (Filesystem Hierarchy Standard) compliant. It is an advanced penetration testing and security auditing Linux distribution. It adheres completely to Debian development standards. However, one should not treat Kali Linux exactly the same as Debian.



BackTrack is an open-source Linux-based penetration testing toolset. In BackTrack, the common tools that you needed to perform a security assessment were all packaged into one nice distribution and ready to go at a moment's notice. BackTrack made it easy to create a new VM (Virtual Machine) from the downloaded ISO (International Organization for Standardization), perform the assessment, then either archive that VM (Virtual Machine) for future reference or delete it when done to remove the evidence.




Figure 1. Kali Linux 



Kali Linux 

Kali Linux is a new open source distribution that facilitates penetration testing. Whereas BackTrack was built on Ubuntu, Kali Linux is built from scratch, constructed on Debian, and is FHS (Filesystem Hierarchy Standard) compliant. Improved software repositories synchronized with the Debian repositories make it easier to keep it updated, apply patches and add new tools. Kali Linux can also be easily customized so that it contains only the packages and features that are required. The desktop environment can also be customized to use GNOME (default), KDE (K Desktop Environment), LXDE (Lightweight X11 Desktop Environment), or whatever you prefer.

Some Other Differences

• In Kali, there is no /pentest directory like in BackTrack 5. Fire up any tool just by typing its name in the shell.

• The Nessus Vulnerability Scanner has been removed in Kali; it can be manually installed by downloading it from Tenable.

• Errors like "Error connecting to wicd's D-bus bla bla" when you try to fire up Wicd in BackTrack 5 are gone. Kali Linux is much cleaner in this respect than BackTrack 5.

• Kali Linux is smaller in size than BackTrack 5 (which was around 3 GB approx). The Kali Linux ISO is just 2 GB (approx) in size.

• Firefox has been replaced by Iceweasel. They are both given by Mozilla and are very similar. However, whereas Firefox in BackTrack comes with 'noscript' and similar add-ons for security, Iceweasel in Kali comes clean.

• Separate listing of much-hyped security tools in the menu of Kali Linux under "Top 10 Security Tools".

• VLC Player comes pre-installed with Kali Linux. In BackTrack 5, you had to manually install it, and then it gave you an error saying "Won't run in root mode" and you had to hex-edit the VLC binary.

• The light PDF viewer in BackTrack has been replaced by 'Document Viewer'.

• No 'gedit' in Kali; instead you can use 'Leafpad'.

Who Should Use Kali Linux 

So, the question arises: Should I use Kali Linux? Kali Linux aims towards professional penetration testing and security auditing. To reflect these needs, several core changes have been implemented in Kali Linux:

• Single user, root access by design: Since it has been designed for security auditing, Kali Linux is designed to be used in a "single, root user" scenario.

• Network services disabled by default: Major security threats come from various network services running on the system. Kali Linux is equipped with sysvinit hooks which disable network services by default. These hooks allow us to install various services on Kali Linux, while ensuring that our distribution remains secure by default, no matter what packages are installed. Additional services such as Bluetooth are also blacklisted by default.

• Custom Linux Kernel: Kali Linux uses an upstream kernel, patched for wireless injection.

Kali is a Linux distribution specifically geared towards professional penetration testing and security auditing and, as such, it is not a recommended distribution for those unfamiliar with Linux. Misuse of security tools within your network, particularly without permission, may cause irreparable damage and result in significant consequences.

NOTE 

If you are looking for a Linux distribution to learn 
the basics of Linux and need a good starting point, 
Kali Linux is not the ideal distribution for you. You 
may want to begin with Ubuntu or Debian instead. 



Installing Kali Linux as a Virtual Machine in VirtualBox

Kali Linux can be run as a Live CD or it can be installed as a virtual machine in VirtualBox. You can follow the steps below to install Kali Linux as a virtual machine in VirtualBox:

• Creating a proper Virtual Machine for Kali Linux.

• Installing Kali Linux to a hard disk inside the Virtual Machine.

• Installing VirtualBox Guest Addition Tools in Kali Linux.

• Setting up shared folders in VirtualBox with your Kali Linux installation.

Note 

The instructions below were performed with VirtualBox version 4.2.8. If you are experiencing issues with 4.1.x, please upgrade VirtualBox to this or a later release.

Creating the Virtual Machine 

• Launch VirtualBox and, using the Virtual Machine Manager, create a new virtual machine by clicking 'New' in the upper left corner.

• Provide a Name for the virtual machine, OS (Operating System) Type and Version. Set the Type to 'Linux' and the Version to 'Debian.' Please make sure to choose the proper 32 or 64 bit version for your architecture. Once completed, click the Continue button to move on with the setup.

• Configure the amount of memory to allocate to your new virtual machine. As a minimum, allocate 2048MB. Once completed, click the Continue button.

• The next step is to create the virtual machine hard drive. The default is to 'Create a virtual hard drive now.' Accept the default and click the Create button in the lower right portion of the window.

• Pick your hard drive file type. The default is VDI (VirtualBox Disk Image), however you can create any other type. For example, creating a VMDK (Virtual Machine Disk) will allow you to use this hard drive with VMWare as well as VirtualBox. Once you have selected your file type, click the Continue button.

• The next step gives you two options: to allocate the entire amount of disk space at once, OR to dynamically allocate as hard drive space is needed. Once you have made your selection, click the Continue button.



PenTest EXTRA 05/2013(16), http://pentestmag.com



• Provide the hard drive file location and size. For location, it will always install in the default directory and only needs to be changed if desired.

• Approximately 8GB of disk space is required for a base install of Kali Linux. It is good practice to provide roughly 4 times that amount in order to ensure proper space as you add to and update the installed system with tools and files. Once you have provided the desired size, click the Create button.

Now, the new virtual machine has been created. However, there are still a few additional configuration settings that you need to make.

With your newly created Kali Linux virtual machine selected, click the 'General' link in the right portion of the Manager window. This will launch a window that allows for additional configuration settings.

At least the following two changes should be made during this step:

• Select the System option and the Processor tab to change the number of processors. By default, the machine is granted only 1 VCPU (Virtual CPU). Provide at least 2 processors.

• Next, select the Storage option to attach your Kali Linux ISO image. In the Storage Tree window, select your CD-ROM controller. Then within the Attributes pane click the CD-ROM icon and 'Choose a virtual CD/DVD disk file' from the pop-up menu. This will open a window to browse the host system for your Kali Linux ISO file. Once selected, click the Open button and then click the OK button to save all your changes. You will be returned to the VirtualBox Manager.

You can now click the Start button to launch the VM (Virtual Machine) and begin the Kali Linux installation process.

Kali Linux Installation to a hard disk inside virtual machine

The tutorial for installing Kali Linux can be found here. Once installation is complete, you will need to install the VirtualBox Guest Addition tools.

Install VirtualBox Guest Addition Tools in Kali Linux

In order to have proper mouse and screen integration as well as folder sharing with your host system, you will need to install the VirtualBox Guest Additions.

Once you have booted into your Kali Linux virtual machine, open a terminal window and issue the following command to install the Linux kernel headers.

apt-get update && apt-get install -y linux-headers-$(uname -r)

Now attach the Guest Additions CD-ROM. This can be done by selecting 'Devices' from the VirtualBox menu and selecting 'Install Guest Additions.' It will mount the Guest Additions ISO to the virtual CD drive in your Kali Linux virtual machine. When prompted to autorun the CD, click the Cancel button (Figure 2).

Figure 2. Cancel_Auto_Run

From a terminal window, copy the VBoxLinuxAdditions.run file from the Guest Additions CD-ROM to a path on your local system. Make sure it is executable and run the file to begin installation (Figure 3).

Figure 3. VBoxAdditions_Install

cp /media/cd-rom/VBoxLinuxAdditions.run /root/
chmod 755 /root/VBoxLinuxAdditions.run
cd /root
./VBoxLinuxAdditions.run

To complete the Guest Additions installation, reboot the Kali Linux VM (Virtual Machine). Full mouse and screen integration as well as the ability to share folders with the host system should now be available.

Creating Shared Folders with the Host System 

There are a few short steps that need to be completed in order to share folders on your host system with your Kali Linux VM (Virtual Machine).

From the VirtualBox Manager, select your Kali Linux VM (Virtual Machine) instance and click on the 'Shared Folders' link in the right window pane. This will launch a pop-up window for adding shared folders. Within this window click the icon to add a folder.

In the Folder Path text box, provide the path to the folder you would like to share, or click the drop-down arrow to browse your host system for the path. Select the check boxes that allow for 'Auto-mount' and 'Make Permanent' and click the OK button both times when prompted (Figure 4).

Your shared folders will now be available under the media directory. A bookmark or link can also be created for easier access to the directory.
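The VirtualBox Manager steps above (VM type, memory, processors, disk, ISO attachment and shared folder) can also be scripted with the VBoxManage command-line tool. The following is an added example, not part of the original article; the VM name, file paths, controller names, share name and the DRY_RUN switch are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: the GUI procedure expressed as VBoxManage calls.
# All names and paths below are placeholders for this example.
VM=${VM:-kali-lab}
ISO=${ISO:-$HOME/iso/kali-linux.iso}     # downloaded Kali ISO (assumed path)
DISK=${DISK:-$HOME/$VM.vdi}              # virtual hard drive file (assumed path)
SHARE=${SHARE:-$HOME/kali-share}         # host folder to share (assumed path)
DRY_RUN=${DRY_RUN:-1}                    # 1 = only print the commands

vbox() {
    if [ "$DRY_RUN" = 1 ]; then echo "VBoxManage $*"; else VBoxManage "$@"; fi
}

create_kali_vm() {
    # Type 'Linux', Version 'Debian' (use ostype Debian for a 32-bit guest)
    vbox createvm --name "$VM" --ostype Debian_64 --register
    # 2048 MB minimum, 2 virtual CPUs; more than one CPU needs the I/O APIC
    vbox modifyvm "$VM" --memory 2048 --cpus 2 --ioapic on
    # 4 x 8 GB = 32768 MB, dynamically allocated VDI
    # (newer VirtualBox releases name this subcommand 'createmedium disk')
    vbox createhd --filename "$DISK" --size 32768 --format VDI --variant Standard
    vbox storagectl "$VM" --name SATA --add sata
    vbox storageattach "$VM" --storagectl SATA --port 0 --device 0 \
        --type hdd --medium "$DISK"
    # Attach the installer ISO to a virtual CD/DVD drive
    vbox storagectl "$VM" --name IDE --add ide
    vbox storageattach "$VM" --storagectl IDE --port 0 --device 0 \
        --type dvddrive --medium "$ISO"
    # Permanent, auto-mounted shared folder (needs Guest Additions in the guest)
    vbox sharedfolder add "$VM" --name share --hostpath "$SHARE" --automount
}

create_kali_vm
```

Run it with DRY_RUN=0 on the host once the printed commands look right for your paths.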

Kali Linux Forensics Mode 

The "Forensics Boot" option, introduced in BackTrack Linux and continued on through BackTrack 5, also exists in Kali Linux. The "Forensics Boot" option has proven to be very popular due to the widespread availability of our operating system. Many people have Kali ISOs lying around and when a forensic need comes up, it is quick and easy to put Kali Linux to the job. Pre-loaded with the most popular open source forensic software, Kali is a handy tool when you need to do some open source forensic work (Figure 5).

When booted into the forensic boot mode, there 
are a few very important changes that are made. 

• The internal hard disk is not touched. This means that if a swap partition exists, it will not be used and no internal disk will be auto-mounted. To verify this, I removed the hard drive from a standard system. Attaching this to a commercial forensic package, I took a hash of the drive. I then re-attached the drive to the computer and booted up off of Kali in forensic boot mode. After using Kali for a period of time, I then shut the system down, removed the hard drive, and took the hash again. These hashes matched, indicating that at no point was anything changed on the drive at all.

• The auto mount of any removable media has been disabled. So thumb drives, CDs, and so on will not be auto-mounted when inserted. The idea behind all of this is simple: Nothing should happen to any media without direct user action. You are responsible for doing anything as a user.

Figure 4. Shared_Folder_Config

Figure 5. Kali_Forensic_Mode

Figure 6. Top_10_Security_Tools

If you are interested in using Kali for real world forensics of any type, validate all forensic tools to ensure that you know their expected behavior in any circumstance that you may place them.
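The before-and-after hash comparison described above can be repeated with standard tools when validating a forensic boot. The following is an added example, not part of the original article: the function names and log format are assumptions, SHA-256 is used as the digest, and source paths are assumed to contain no spaces.

```shell
#!/bin/sh
# Added example: record a baseline digest of a drive or image, then
# check later that it has not changed. Names and log format are
# illustrative only.

# hash_media SOURCE: print the SHA-256 of a device or image file.
# The input redirect opens the source read-only.
hash_media() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 3; }
    sha256sum < "$1" | cut -d' ' -f1
}

# record_baseline SOURCE LOG: append "UTC-timestamp source digest".
record_baseline() {
    digest=$(hash_media "$1") || return 3
    printf '%s %s %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$1" "$digest" >> "$2"
}

# verify_unchanged SOURCE LOG: compare against the most recent baseline.
# Returns 0 on match, 1 on mismatch, 2 if no baseline exists, 3 if unreadable.
verify_unchanged() {
    expected=$(awk -v s="$1" '$2 == s { d = $3 } END { print d }' "$2")
    [ -n "$expected" ] || { echo "no baseline for $1" >&2; return 2; }
    actual=$(hash_media "$1") || return 3
    if [ "$actual" = "$expected" ]; then
        echo "MATCH $1 $actual"
    else
        echo "MISMATCH $1 expected=$expected actual=$actual" >&2
        return 1
    fi
}

# Usage (device path is a placeholder):
#   record_baseline /dev/sdX hashes.log    # before booting the test system
#   verify_unchanged /dev/sdX hashes.log   # after shutting it down
```

Keep the log on separate media from the drive under test so that writing the baseline does not itself alter the evidence.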



Exciting Tools in Kali Linux 

In Kali Linux, the top 10 security tools have been put under a single menu, which makes life easier for most security enthusiasts (Figure 6).

Figure 7. acccheck_tool_cli

Figure 8. acccheck_tool_GUI_Access

There are some other exciting tools in Kali Linux:

ACCCHECK.PL 

This tool is used for Active Online Attack. It is designed as a password dictionary attack tool that targets Windows authentication via the SMB protocol. It is in fact a wrapper script around the 'smbclient' binary, and as a result is dependent on it for its execution.

Requirements 

• Victim Machine: Windows XP or Windows 7 or 
Windows 8 

• Attacker Machine: Kali Linux OS 




Figure 9. detect_sniffer6_cli

Figure 10. detect_sniffer6_GUI_Access

Figure 11. dnsrevenum6_cli

Figure 12. dnsrevenum6_GUI_Access

To access the acccheck.pl tool, open a terminal, type acccheck.pl and hit enter. It will display the description, usage and an example of the tool as shown in Figure 7. Alternatively, you can also access this tool graphically (Figure 8).

DETECT_SNIFFER6 

This tool is used to test if systems on the local LAN are sniffing.

To access the detect_sniffer6 tool, open a terminal, type detect_sniffer6 and hit enter. It will display the description, usage and an example of the tool as shown in Figure 9.

To access this tool graphically: Figure 10. 

DNSREVENUM6 

This tool is used for reverse DNS information gathering for IPv6.

To access the dnsrevenum6 tool, open a terminal, type "dnsrevenum6" and hit enter. It will display the description, usage and an example of the tool as shown in Figure 11.

To access this tool graphically: Figure 12. 

There are various other tools which can be handy as per your requirement. However, after explaining a few interesting facts about Kali Linux in this article, I assume that you will be able to explore other tools on your own.

To conclude, once again I would like to emphasize that if you are really interested in professional penetration testing and security auditing, Kali Linux should be your preferred choice because most of the industry standard security tools are bundled together in this distribution.

There is other interesting information on Kali Linux. For more information, documentation is available at http://docs.kali.org.